pangea-sdk 3.8.0b1__py3-none-any.whl → 5.4.0b1__py3-none-any.whl

pangea/services/audit/models.py

@@ -1,10 +1,12 @@
 # Copyright 2022 Pangea Cyber Corporation
 # Author: Pangea Cyber Corporation
+from __future__ import annotations
+
 import datetime
 import enum
-from typing import Any, Dict, List, Optional, Union
+from typing import Any, Dict, List, Optional, Sequence, Union
 
-from pangea.response import APIRequestModel, APIResponseModel, PangeaResponseResult
+from pangea.response import APIRequestModel, APIResponseModel, PangeaDateTime, PangeaResponseResult
 
 
 class EventVerification(str, enum.Enum):
@@ -19,14 +21,14 @@ class EventVerification(str, enum.Enum):
         return str(self.value)
 
 
-class Event(dict):
+class Event(Dict[str, Any]):
     """
     Event to perform an auditable activity
 
     Auxiliary class to be compatible with older SDKs
     """
 
-    def __init__(self, **data):
+    def __init__(self, **data) -> None:
         super().__init__(**data)
 
     @property
@@ -124,7 +126,7 @@ class EventEnvelope(APIResponseModel):
     event: Dict[str, Any]
     signature: Optional[str] = None
     public_key: Optional[str] = None
-    received_at: datetime.datetime
+    received_at: PangeaDateTime
 
 
 class LogRequest(APIRequestModel):
@@ -269,6 +271,7 @@ class SearchRequest(APIRequestModel):
     max_results -- Maximum number of results to return.
     search_restriction -- A list of keys to restrict the search results to. Useful for partitioning data available to the query string.
     verbose -- If true, include root, membership and consistency proofs in response.
+    return_context -- Return the context data needed to decrypt secure audit events that have been redacted with format preserving encryption.
     """
 
     query: str
@@ -279,8 +282,9 @@ class SearchRequest(APIRequestModel):
     end: Optional[str] = None
     limit: Optional[int] = None
     max_results: Optional[int] = None
-    search_restriction: Optional[dict] = None
+    search_restriction: Optional[Dict[str, Sequence[str]]] = None
     verbose: Optional[bool] = None
+    return_context: Optional[bool] = None
 
 
 class RootRequest(APIRequestModel):
@@ -361,6 +365,7 @@ class SearchEvent(APIResponseModel):
     consistency_verification -- Consistency verification calculated if required.
     membership_verification -- Membership verification calculated if required.
     signature_verification -- Signature verification calculated if required.
+    fpe_context -- The context data needed to decrypt secure audit events that have been redacted with format preserving encryption.
     """
 
     envelope: EventEnvelope
@@ -371,6 +376,7 @@ class SearchEvent(APIResponseModel):
     consistency_verification: EventVerification = EventVerification.NONE
     membership_verification: EventVerification = EventVerification.NONE
     signature_verification: EventVerification = EventVerification.NONE
+    fpe_context: Optional[str] = None
 
 
 class SearchResultOutput(PangeaResponseResult):
@@ -404,7 +410,7 @@ class SearchOutput(SearchResultOutput):
     """
 
     id: str
-    expires_at: datetime.datetime
+    expires_at: PangeaDateTime
 
 
 class SearchResultRequest(APIRequestModel):
@@ -415,11 +421,15 @@ class SearchResultRequest(APIRequestModel):
     id -- A search results identifier returned by the search call.
     limit -- Number of audit records to include from the first page of the results.
     offset -- Offset from the start of the result set to start returning results from.
+    assert_search_restriction -- Assert the requested search results were queried with the exact same search restrictions, to ensure the results comply to the expected restrictions.
+    return_context -- Return the context data needed to decrypt secure audit events that have been redacted with format preserving encryption.
     """
 
     id: str
     limit: Optional[int] = 20
     offset: Optional[int] = 0
+    assert_search_restriction: Optional[Dict[str, Sequence[str]]] = None
+    return_context: Optional[bool] = None
 
 
 class DownloadFormat(str, enum.Enum):
@@ -437,13 +447,51 @@ class DownloadFormat(str, enum.Enum):
 
 
 class DownloadRequest(APIRequestModel):
-    result_id: str
+    request_id: Optional[str] = None
+    """ID returned by the export API."""
+
+    result_id: Optional[str] = None
     """ID returned by the search API."""
 
     format: Optional[str] = None
     """Format for the records."""
 
+    return_context: Optional[bool] = None
+    """Return the context data needed to decrypt secure audit events that have been redacted with format preserving encryption."""
+
 
 class DownloadResult(PangeaResponseResult):
     dest_url: str
     """URL where search results can be downloaded."""
+
+    expires_at: str
+    """
+    The time when the results will no longer be available to page through via
+    the results API.
+    """
+
+
+class ExportRequest(APIRequestModel):
+    format: DownloadFormat = DownloadFormat.CSV
+    """Format for the records."""
+
+    start: Optional[datetime.datetime] = None
+    """The start of the time range to perform the search on."""
+
+    end: Optional[datetime.datetime] = None
+    """
+    The end of the time range to perform the search on. If omitted, then all
+    records up to the latest will be searched.
+    """
+
+    order_by: Optional[str] = None
+    """Name of column to sort the results by."""
+
+    order: Optional[SearchOrder] = None
+    """Specify the sort order of the response."""
+
+    verbose: bool = True
+    """
+    Whether or not to include the root hash of the tree and the membership proof
+    for each record.
+    """

pangea/services/audit/signing.py

@@ -1,5 +1,7 @@
 # Copyright 2022 Pangea Cyber Corporation
 # Author: Pangea Cyber Corporation
+from __future__ import annotations
+
 from abc import ABC, abstractmethod
 from typing import Optional
 
@@ -10,7 +12,7 @@ from cryptography.hazmat.primitives.asymmetric.types import PrivateKeyTypes, Pub
 
 from pangea.exceptions import PangeaException
 from pangea.services.audit.util import b64decode, b64decode_ascii, b64encode_ascii
-from pangea.services.vault.models.common import AsymmetricAlgorithm
+from pangea.services.vault.models.asymmetric import AsymmetricKeySigningAlgorithm
 
 
 class AlgorithmSigner(ABC):
@@ -43,7 +45,7 @@ class ED25519Signer(AlgorithmSigner):
         )
 
     def get_algorithm(self) -> str:
-        return AsymmetricAlgorithm.Ed25519.value
+        return AsymmetricKeySigningAlgorithm.ED25519.value
 
 
 signers = {
@@ -96,7 +98,7 @@ class Signer:
 
         for func in (serialization.load_pem_private_key, serialization.load_ssh_private_key):
             try:
-                return func(private_key, None)  # type: ignore[operator]
+                return func(private_key, None)
             except exceptions.UnsupportedAlgorithm as e:
                 raise e
             except ValueError:
@@ -144,8 +146,7 @@ class Verifier:
         for cls, verifier in verifiers.items():
             if isinstance(pubkey, cls):
                 return verifier(pubkey).verify(message_bytes, signature_bytes)
-        else:
-            raise PangeaException(f"Not supported public key type: {type(pubkey)}")
+        raise PangeaException(f"Not supported public key type: {type(pubkey)}")
 
     def _decode_public_key(self, public_key: bytes):
         """Parse a public key in PEM or ssh format"""

pangea/services/audit/util.py

@@ -7,7 +7,7 @@ from binascii import hexlify, unhexlify
 from dataclasses import dataclass
 from datetime import datetime
 from hashlib import sha256
-from typing import Dict, List, Optional
+from typing import Collection, Dict, List, Optional
 
 import requests
 
@@ -61,7 +61,7 @@ def verify_hash(hash1: str, hash2: str) -> bool:
 
 
 def verify_envelope_hash(envelope: EventEnvelope, hash: str):
-    return verify_hash(hash_dict(normalize_log(envelope.dict(exclude_none=True))), hash)
+    return verify_hash(hash_dict(normalize_log(envelope.model_dump(exclude_none=True))), hash)
 
 
 def canonicalize_event(event: Event) -> bytes:
@@ -192,7 +192,7 @@ def arweave_graphql_url():
     return f"{ARWEAVE_BASE_URL}/graphql"
 
 
-def get_arweave_published_roots(tree_name: str, tree_sizes: List[int]) -> Dict[int, PublishedRoot]:
+def get_arweave_published_roots(tree_name: str, tree_sizes: Collection[int]) -> Dict[int, PublishedRoot]:
     if len(tree_sizes) == 0:
         return {}